Add the option to get the client secret dynamically.

alejandrodevs commented 1 year ago

Add the possibility to get the client secret from a module in order to rotate the secret at least every 6 months (which is a good practice) without the need to be changing the config or env var and restart the application. Similar to the implementation of ueberauth_apple: https://github.com/ueberauth/ueberauth_apple/blob/main/guides/getting-started.md#generating-the-client-secret

Configuration would look like this:

config :ueberauth, Ueberauth.Strategy.Google.OAuth,
  client_id: System.get_env("GOOGLE_CLIENT_ID"),
  client_secret: {MyApp.Google, :client_secret}

and then:

defmodule MyApp.Google
  @spec client_secret(config :: keyword) :: String.t()
  def client_secret(_config \\ []) do
    # Get client secret from db, cache or any other custom implementation.
  end
end

This does not affect to the current implementation, it is backwards compatible. What do you think? @yordis

yordis commented 1 year ago

Do you mind adding a unit test for this? Thus far it makes sense

alejandrodevs commented 1 year ago

@yordis Great! I added the unit tests.

yordis commented 1 year ago

Please forgive me for asking the following (it is on my document across all the repos 😭)

Do you mind adding an entry to the CHANGELOG.md and bumping the package version so it is easier to deploy?

alejandrodevs commented 12 months ago

No worries, happy to contribute a little bit in the package. Both things were done.

yordis commented 12 months ago

🚀 💜

ueberauth / ueberauth_google

Add the option to get the client secret dynamically. #101